package com.aaa.tmr.config;

import com.aaa.tmr.util.BussinessConstants;
import com.aaa.tmr.util.MycustomRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheException;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @ fileName:shiroConfiguration
 * @ description:shiro配置类 相当于ssm整合shiro中的spring-shiro-config.xml
 * @ author:qingfengxie
 * createTime:XXXX
 */
@Configuration  //  spring-shiro-config.xml中beans
public class ShiroConfiguration {

    /**
     * 实例化shiro过滤工厂类
     * @return
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilter(){

        ShiroFilterFactoryBean shiroFilterFactoryBean =
                new ShiroFilterFactoryBean();
        //依赖注入安全管理器
        shiroFilterFactoryBean.setSecurityManager(securityManager());

        //配置登陆失败后，跳转的页面
        shiroFilterFactoryBean.setLoginUrl("/user/toLogin");
        //配置默认页面
        shiroFilterFactoryBean.setSuccessUrl("/backIndex/toIndex");
        //配置未认证页面
        //shiroFilterFactoryBean.setUnauthorizedUrl();

        //实例化时，要保证url地址的有序性，所以一定不能使用hashMap
        //Map ChainDefinitionMap = new HashMap();
        //LinkedHashMap按照放入顺序取加载
        Map ChainDefinitionMap = new LinkedHashMap();

        //配置放行的静态资源，以后有的继续添加
        ChainDefinitionMap.put("/layui/**","anon");
        ChainDefinitionMap.put("/model/**","anon");
        //放行请求路径
        ChainDefinitionMap.put("/user/login","anon");
        ChainDefinitionMap.put("/user/toLogin","anon");
        //登出
        ChainDefinitionMap.put("/logout","logout");
        //配置拦截路径
        ChainDefinitionMap.put("/**","authc");

        //配置放行和拦截的请求路径
        shiroFilterFactoryBean.setFilterChainDefinitionMap(ChainDefinitionMap);

        return shiroFilterFactoryBean;
    }

    /**
     * 把shiro的bean交给spring管理
     * @return
     */
    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){
        LifecycleBeanPostProcessor lifecycleBeanPostProcessor =
                new LifecycleBeanPostProcessor();
        return lifecycleBeanPostProcessor;
    }

    /**
     * 实例化SecurityManager
     * @return
     */
    @Bean
    public DefaultWebSecurityManager securityManager(){
        DefaultWebSecurityManager defaultWebSecurityManager =
                new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(mycustomRealm());
        return defaultWebSecurityManager;
    }

    /**
     * 实例化安全数据链接器Realm
     * @return
     */
    @Bean
    public MycustomRealm mycustomRealm(){
        MycustomRealm mycustomRealm = new MycustomRealm();
        mycustomRealm.setCredentialsMatcher(cm());
        return mycustomRealm;
    }

    /**
     * 配置验证匹配器（配置加密算法和哈希次数）
     * @return
     */
    @Bean
    public HashedCredentialsMatcher cm(){
        HashedCredentialsMatcher hashedCredentialsMatcher =
                new HashedCredentialsMatcher();
        //算法名称
        hashedCredentialsMatcher.setHashAlgorithmName(BussinessConstants.userCheck.AlLGORITHMNAME);
        //哈希次数
        hashedCredentialsMatcher.setHashIterations(BussinessConstants.userCheck.HASH_INTERATOR);
        return hashedCredentialsMatcher;
    }
}
